Local cache-based identification system

ABSTRACT

An identification system uses a local cache for performing identifications. An identity system device may store identity information and identification information. An electronic device stores a cache of a portion of the identity information and a part of the identification information. The electronic device receives user input, determines an identity by comparing the user input to the cached identification information (such as by comparing a received digital representation of a biometric with cached biometric identification information), and performs an action using information in the cached identity information that is associated with the identity. The electronic device may update the identity information stored by the identity system device based on the action.

CROSS-REFERENCE TO RELATED APPLICATION(S)

This application is a continuation patent application of U.S. patentapplication Ser. No. 17/704,314, filed Mar. 25, 2022 and titled “LocalCache-Based Identification System,” which is a continuation patentapplication of U.S. patent application Ser. No. 16/679,529, filed Nov.11, 2019 and titled “Local Cache-Based Identification System,” which isa nonprovisional patent application of and claims the benefit of U.S.Provisional Patent Application No. 62/785,721, filed Dec. 28, 2018 andtitled “Local Cache-Based Identification System,” the disclosures ofwhich are hereby incorporated herein by reference in their entireties.

FIELD

The described embodiments relate generally to identification systems.More particularly, the present embodiments relate to identificationsystems that use a local cache for performing identifications.

BACKGROUND

Various electronic devices may use identity information for people toperform a number of different actions. Identity information may includea name, an address, entitlements (such as purchased tickets), financialinformation, and/or any other information associated with a person'sidentity. For example, a security kiosk may access identity informationto determine a person's name as part of screening the person for entryinto a secured area, such as an airport. Such electronic devices mayprotect the identity information to restrict use of the identityinformation. For example, an electronic device may require login to anaccount associated with the identity information prior to taking anyaction that uses the identity information.

In some situations, the identity information may be maintained andstored at the electronic device that uses the identity information. Thisenables the electronic device to perform actions using the identityinformation. In other situations, a central system maintains and storesthe identity information and allows access to remote electronic devices.This enables multiple electronic devices to perform actions using theidentity information.

SUMMARY

The present disclosure relates to an identification system that uses alocal cache for performing identifications. An identity system devicemay store identity information and identification information. One ormore electronic devices may store a cache of a portion of the identityinformation and a part of the identification information. Such anelectronic device may allow controlled access to the cached identityinformation using the cached identification information. For example,the cached identification information may include cached biometricidentification information. The electronic device may receive userinput, determine an identity by comparing the user input to the cachedidentification information, and perform an action using information inthe cached identity information that is associated with the identity. Inthis way, the electronic device performs identifications locally withoutrequiring communication with the identity system device but also usesthe identity system device to centrally store and maintain the identityinformation and the identification information that is used to protectthe identity information.

In various embodiments, an identification system that uses a local cachefor performing identifications includes an identity system device thatstores identity information and biometric identification information andan electronic device that includes a biometric reader device, acommunication unit, a non-transitory storage medium that storesinstructions, and a processor. The processor executes the instructionsto receive from the identity system device, using the communicationunit, an identity information cache that constitutes a portion of theidentity information from the identity system device; receive from theidentity system device, using the communication unit, a biometricidentification information cache that constitutes a part of thebiometric identification information; obtain a digital representation ofa biometric via the biometric reader device; determine an identity bycomparing the digital representation of the biometric to the biometricidentification information cache; perform an action using information inthe identity information cache that is associated with the identity; andtransmit a notification to the identity system device, using thecommunication unit, to update based on the action a subset of theidentity information associated with the identity.

In some examples, the identity system device determines parameters foridentities to cache, selects the portion of the identity information andthe part of the biometric identification information according to theparameters, and transmits the portion of the identity information andthe part of the biometric identification information to the electronicdevice. In some implementations of such examples, the parameters includea list of ticket holders or a flight manifest.

In various examples, the digital representation of the biometric is afirst digital representation of a first biometric, the identity is afirst identity, and the processor obtains a second digitalrepresentation of a second biometric, determines the second digitalrepresentation of the second biometric does not have a match in thebiometric identification information cache, and determines a secondidentity by transmitting the second digital representation of the secondbiometric to the identity system device. In some implementations of suchexamples, the information is first information and the processorreceives second information in the identity information that isassociated with the second identity from the identity system device.

In some examples, the processor deletes the digital representation ofthe biometric upon determining the identity. In various examples, acommunication link between the electronic device and the identity systemdevice is unavailable while the processor determines the identity.

In some embodiments, an electronic device includes a biometric readerdevice, a communication unit, a non-transitory storage medium thatstores instructions, and a processor. The processor executes theinstructions to cache identity information and biometric identificationinformation received, using the communication unit, from an identitysystem device of an identification system that uses a local cache forperforming identifications; obtain a digital representation of abiometric via the biometric reader device; determine an identity bycomparing the digital representation of the biometric to the biometricidentification information; and perform an action using a portion of theidentity information that is associated with the identity.

In various examples, the action includes allowing access. In someimplementations of such examples, the electronic device further includesan access control mechanism and the processor allows the access bycontrolling the access control mechanism.

In some examples, the identity information includes a verified age. Invarious examples, the identity information includes payment information.

In various examples, the biometric reader device includes at least oneof a fingerprint scanner, an optical fingerprint scanner, aphosphorescent fingerprint scanner, a camera, an image sensor, a heartrhythm monitor or other biological sensor, or a microphone. In someexamples, the digital representation of the biometric includes a digitalrepresentation of at least one of a fingerprint, a voiceprint, a facialimage, a retina image, an iris image, a heart rhythm or other biologicalinformation, or a gait.

In various embodiments, an electronic device includes a biometric readerdevice, a communication unit, a non-transitory storage medium thatstores instructions, and a processor. The processor executes theinstructions to determine parameters for identities to cache; obtainidentity information and biometric identification information, using thecommunication unit, that correspond to the parameters from an identitysystem device of an identification system that uses a local cache forperforming identifications; store the identity information and thebiometric identification information in the non-transitory storagemedium; obtain a digital representation of a biometric via the biometricreader device; and determine an identity by comparing the digitalrepresentation of the biometric to the biometric identificationinformation.

In some examples, the processor performs an action using information inthe identity information corresponding to the identity and deletes theidentity information and the biometric identification information afterperforming the action. In some implementations of such examples, theaction includes allowing entrance based on a ticket and the processorupdates a status of the ticket in the identity information based on theentrance.

In various examples, the parameters include permitted entrants. In someexamples, the electronic device is a component of a vehicle. In variousimplementations of such examples, the parameters include permittedvehicle operators.

BRIEF DESCRIPTION OF THE DRAWINGS

The disclosure will be readily understood by the following detaileddescription in conjunction with the accompanying drawings, wherein likereference numerals designate like structural elements.

FIG. 1 depicts a first example identification system that uses a localcache for performing identifications.

FIG. 2 depicts a second example identification system that uses a localcache for performing identifications.

FIG. 3 depicts a flow chart illustrating a first example method forusing a local cache to perform identifications. This method may beperformed by the systems of FIGS. 1 and/or 2 .

FIG. 4 depicts a flow chart illustrating an example method for localcaching for performing identifications. This method may be performed bythe systems of FIGS. 1 and/or 2 .

FIG. 5 depicts a third example identification system that uses a localcache for performing identifications.

FIG. 6 depicts a flow chart illustrating a second example method forusing a local cache to perform identifications. This method may beperformed by the systems of FIGS. 2 and/or 5 .

FIG. 7 depicts a fourth example identification system that uses a localcache for performing identifications.

FIG. 8 depicts a flow chart illustrating a third example method forusing a local cache to perform identifications. This method may beperformed by the systems of FIGS. 2 and/or 7 .

FIG. 9 depicts a fifth example identification system that uses a localcache for performing identifications.

FIG. 10 depicts a flow chart illustrating a fourth example method forusing a local cache to perform identifications. This method may beperformed by the systems of FIGS. 2 and/or 9 .

FIG. 11 depicts a sixth example identification system that uses a localcache for performing identifications.

FIG. 12 depicts a flow chart illustrating a fifth example method forusing a local cache to perform identifications. This method may beperformed by the systems of FIGS. 2 and/or 11 .

FIG. 13 depicts a seventh example identification system that uses alocal cache for performing identifications.

FIG. 14 depicts a flow chart illustrating a sixth example method forusing a local cache to perform identifications. This method may beperformed by the systems of FIGS. 2 and/or 13 .

DETAILED DESCRIPTION

Reference will now be made in detail to representative embodimentsillustrated in the accompanying drawings. It should be understood thatthe following descriptions are not intended to limit the embodiments toone preferred embodiment. To the contrary, it is intended to coveralternatives, modifications, and equivalents as can be included withinthe spirit and scope of the described embodiments as defined by theappended claims.

The description that follows includes sample systems, methods, andcomputer program products that embody various elements of the presentdisclosure. However, it should be understood that the describeddisclosure may be practiced in a variety of forms in addition to thosedescribed herein.

Implementations where an electronic device maintains and stores identityinformation may not be very flexible as such implementations do notsupport multiple electronic devices using the identity information,particularly different kinds of electronic devices. Further, eachelectronic device may be configured with the identity information beforeuse. This may be burdensome and complex, as well as multiplying storagerequirements for the identity information. Each time a new electronicdevice is to use the identity information, the new electronic device isseparately configured to use the identity information.

Implementations where a central system maintains and stores the identityinformation may support use of the identity information by multipleelectronic devices and/or different kinds of electronic devices. Thismay be very flexible as new electronic devices communicate with thecentral system for identity information rather than requiring separateidentity information configuration. However, electronic devices in suchan arrangement may be unable to function if a communication link betweenthe electronic device and the central system becomes unavailable.Further, the speed at which the electronic device operates may bedependent on the speed at which the electronic device may communicatewith the central system.

The following disclosure relates to an identification system that uses alocal cache for performing identifications. An identity system devicemay store identity information and identification information. One ormore electronic devices may store a cache of a portion of the identityinformation and a part of the identification information. Such anelectronic device may allow controlled access to the cached identityinformation using the cached identification information. For example,the cached identification information may include cached biometricidentification information. The electronic device may receive userinput, determine an identity by comparing the user input to the cachedidentification information, and perform an action using information inthe cached identity information that is associated with the identity. Inthis way, the electronic device performs identifications locally withoutrequiring communication with the identity system device but also usesthe identity system device to centrally store and maintain the identityinformation and the identification information that is used to protectthe identity information.

In some implementations, the electronic device may update the identityinformation stored by the identity system device according to theaction. In various implementations, the portion of the identityinformation and the part of the identification information cached at anelectronic device may be selected according to one or more parameters.Such parameters may be associated with the function of the electronicdevice, a location of the electronic device, a time period, and/or otherfactors.

The above may allow electronic devices to function even whencommunication between the electronic device and the identity systemdevice is unavailable. This may also allow local use of centrallymaintained information, free up the electronic devices from separatelymaintaining and storing the information, improve the speed of electronicdevice performance by making the performance independent of the speed ofcommunication between electronic devices and the identity system device,and so on. This may also enable the electronic devices to performfunctions not previously performable as the identity information may beupdated based on actions performed by other electronic devices thataffect the identity information.

These and other embodiments are discussed below with reference to FIGS.1-14 . However, those skilled in the art will readily appreciate thatthe detailed description given herein with respect to these figures isfor explanatory purposes only and should not be construed as limiting.

FIG. 1 depicts a first example identification system 100 that uses alocal cache for performing identifications. The identification system100 may include one or more local electronic devices 101 (which may belocated at one or more local locations 104) and one or more identitysystem devices 102 (which may be located at one or more remote locations105). The identity system device 102 may store and maintain identityinformation (e.g., information about a person such as name, address,financial information, social security number, phone number, previousactions by a person, and so on) and identification information (i.e.,information that may be used to determine the identity of a person). Thelocal electronic device 101 may store a cached portion of the identityinformation and part of the identification information. The localelectronic device 101 may receive user input from a person 103,determine an identity for the person 103 by comparing the user input tocached identification information, and perform an action usinginformation in cached identity information that is associated with theidentity of the person 103. In this way, the local electronic device 101may be able to perform identifications locally without requiringcommunication with the identity system device 102. At the same time, theidentification system 100 may use the identity system device 102 tocentrally store and maintain the identity information and theidentification information. In some implementations, the localelectronic device 101 may also update the identity information stored bythe identity system device 102 according to the action, such as bytransmitting one or more notifications regarding the action to theidentity system device 102.

These features may allow the local electronic device 101 to functioneven when communication between the local electronic device 101 and theidentity system device 102 is unavailable. This may also allow local useof centrally maintained information, free up the local electronic device101 from separately maintaining and storing the information, improve thespeed of local electronic device 101 performance by making theperformance independent of the speed of communication between localelectronic device 101 and the identity system device 102, and so on.This may also enable the local electronic device 101 to performfunctions not previously performable as the identity information may beupdated based on actions performed by other electronic devices thataffect the identity information.

The identity information may include a name, an address, entitlements(such as purchased tickets), financial information, and/or any otherinformation associated with a person's identity. For example, the localelectronic device 101 may be a security kiosk that may access identityinformation to determine a person's name as part of screening the personfor entry into a secured area, such as an event venue, a building, anairport, and so on. By way of another example, the local electronicdevice 101 may be a point of sale device that may access identityinformation to determine a person's financial information as part ofprocessing payment for a transaction. In yet another example, the localelectronic device 101 may be a ticket processing station at an eventvenue that that may access identity information to determine whether ornot a person has a valid ticket for entrance. In still another example,the local electronic device 101 may be an age verification device thatmay access identity information to determine whether or not a person isof a threshold age, such as eighteen or twenty one. Variousconfigurations are possible and contemplated without departing from thescope of the present disclosure.

By allowing use of identity information upon receipt of user input thatmatches associated identification information, the identification system100 may protect the identity information by restricting access to theidentity information. For example, the local electronic device 101 mayinclude a biometric reader device (such as a fingerprint scanner, acamera and/or other 2D or 3D image capture device, a microphone, a heartrhythm monitor or other biological sensor, and so on) that is operableto obtain or receive a digital representation of a biometric (such asone or more hashes or other digital representations of one or morefingerprints, facial images, iris images, retina images, voiceprints,gaits, a heart rhythms or other biological information, and so on) fromthe person 103 and the cached identification information may includebiometric data associated with identities corresponding to the cachedidentity information. By way of another example, the local electronicdevice 101 may include one or more keyboards, touch screens, and/orother input/output devices and the person 103 may use such to providelogin information for an account and the cached identificationinformation may include account information. Various configurations arepossible and contemplated without departing from the scope of thepresent disclosure.

The identity information and the identification information cached bythe local electronic device 101 may be cached in a variety of differentways. In some implementations, the local electronic device 101 and/orthe identity system device 102 may determine one or more parameters foridentities to cache, obtain identity information and biometricidentification information that corresponds to the parameters, and storethe obtained identity information and biometric identification in thecache at the local electronic device 101. Such parameters may beassociated with the function of the local electronic device 101, thelocation 104 of the local electronic device 101, a time period, and/orother factors. For example, the local electronic device 101 may be aticket kiosk at an event venue and the parameters may include people whohave a valid ticket for the event. By way of another example, the localelectronic device 101 may be an airport security station and theparameters may include people who have a flight at that airport and/orthat terminal and/or that gate within twenty four hours. In yet anotherexample, the local electronic device 101 may be a point of sale deviceon a flight and the parameters may include a flight manifest of peoplescheduled to be on that flight. By way of another example, the localelectronic device 101 may be a vehicle and the parameters may include alist of people who are permitted to operate the vehicle. In stillanother example, the local electronic device 101 may be a grocery storecheckout device and the parameters may include people who frequent thatparticular grocery store. Various configurations are possible andcontemplated without departing from the scope of the present disclosure.

One or more identity system devices 102 may use information obtainedfrom one or more local electronic devices 101 in a variety of differentways. For example, in some implementations, a local electronic devices102A-D may be a security screening device at an airport. An identitysystem device 102 may receive information such as determined identity,ticket data (such as flight numbers, gate numbers, terminal numbers,flight times, and so on) from such a security screening device and usesuch information to perform tasks, such as verifying that an identity isassociated with a valid identification (such as a driver's license,passport, and so on), implementing a multiple lane screening system, andso on. For example, the identity system device 102 may use theinformation to adjust personnel and/or other resources to manageexpected flow; create expedited lines based on which passengers areearly, late, and so on; create expedited and/or other adjusted lines forstaff as opposed to passengers; create different lines for differentlylevels of tickets, rewards or other loyalty programs, and so on; createdifferent lines for different levels of security (such as routingtrusted people to minimized screening lines and riskier people toadditional screening lines, and so on); and so on. The identity systemdevice 102 (and/or the local electronic device 101) may use informationfrom the local electronic devices 101 in a variety of different ways toperform various functions that might not otherwise be possible withoutsuch information.

Additionally, although this example is provided in the context ofairport security, it is understood that this is an example. Suchtechniques may be performed in other contexts (such as in the context ofa stadium or other event venue, vehicle, and so on) without departingfrom the scope of the present disclosure. Various configurations arepossible and contemplated.

Although the above illustrates and describes caching information (suchas identity information and/or identification information) at a localelectronic device 101, this an similar examples below are simplifiedexamples for the purposes of clarity. In various implementations, thelocal electronic device 101 may be a local network of electronicdevices. For example, a central server computing device at a stadium maycache information (such as identity information and/or identificationinformation) from one or more identity system devices 102 and provideaccess to such cached information to one or more stations and/or otherelectronic devices at the stadium. By way of another example, a servercomputing device on an aircraft may cache information (such as identityinformation and/or identification information) from one or more identitysystem devices 102 and provide access to such cached information to oneor more stations and/or other electronic devices at individual passengerseats. Various configurations are possible and contemplated withoutdeparting from the scope of the present disclosure.

Further, although the above illustrates and describes one or moreidentity system devices 102 caching information (such as identityinformation and/or identification information) at a local electronicdevice 101, this an similar examples below are simplified examples forthe purposes of clarity. In various implementations, the identity systemdevice 102 may communicate with one or more third party databases and/orother electronic devices to obtain information to cache at a localelectronic device 101 and/or to update with information obtained from alocal electronic device 101. Such third party databases and/or otherelectronic devices may include one or more black lists (such as afederal no fly list), driver's license databases, criminal watch lists,payment processing systems, and/or any other kind of third partydatabase and/or other electronic device. Various configurations arepossible and contemplated without departing from the scope of thepresent disclosure.

FIG. 2 depicts a second example identification system 200 that uses alocal cache for performing identifications. The identification system200 may include one or more local electronic devices 201 that areoperable to communicate with one or more identity system devices 202 viaone or more wired and/or wireless communication networks 230.

The local electronic device 201 may include one or more processing units210 or other processors or controllers, one or more communication units211, one or more non-transitory storage media 212 (which may take theform of, but is not limited to, a magnetic storage medium; opticalstorage medium; magneto-optical storage medium; read only memory; randomaccess memory; erasable programmable memory; flash memory; and so on),one or more input/output components 213 (such as one or more keyboards;touch screens; mice; biometric reader devices like a fingerprintscanner, an optical fingerprint scanner, a phosphorescent fingerprintscanner, a camera and/or other 2D or 3D image capture device, an imagesensor, a microphone, a heart rhythm monitor or other biological sensor,and/or any other device operative to obtain a digital representation ofa biometric; and so on). Similarly, the identity system device 202 mayinclude one or more processing units 220 or other processors orcontrollers, communication units 221, non-transitory storage media 222,and so on.

The identity system device 202 may store identity information 224Aand/or identification information 224B in the storage medium 222. Theidentity information 224A may be associated with the identificationinformation 224B. The local electronic device 201 may store one or morecaches 214 in the storage medium 212. The local electronic device 201may store a portion of the identity information 224A and/or a part ofthe identification information 224B in the cache 214.

The processing unit 210 of the local electronic device 201 may executeinstructions stored in the storage medium 212 to perform variousfunctions. For example, the functions may include communicating with theidentity system device 202 via the network 230 using the communicationunit 211, storing information in the cache 214, obtaining user input viathe input/output component 213, determining an identity by comparinguser input to cached identification information, performing one or moreactions using information in cached identity information, the variousfunctions discussed above as performed by the local electronic device101 of FIG. 1 , and so on. Similarly, the processing unit 220 of theidentity system device 202 may execute instructions stored in thestorage medium 222 to perform various functions. For example, thefunctions may include communicating with the local electronic device 201via the network 230 using the communication unit 221, storing and/ormaintaining the identity information 224A and/or the identificationinformation 224B the various functions discussed above as performed bythe identity system device 102 of FIG. 1 , and so on.

The local electronic device 201 may be any kind of electronic devicewithout departing from the scope of the present disclosure. For example,the local electronic device 201 may be a desktop computing device, alaptop computing device, a mobile computing device, a tablet computingdevice, a mobile telephone, a smart phone, a digital media player, awearable device, a vehicle, a kitchen appliance, a point of saleterminal, a kiosk, and so on. Similarly, the identity system device 202may be any kind of electronic device without departing from the scope ofthe present disclosure.

FIG. 3 depicts a flow chart illustrating a first example method 300 forusing a local cache to perform identifications. This method 300 may beperformed by the systems 100, 200 of FIGS. 1 and/or 2 .

At operation 310, an electronic device (such as the local electronicdevice 101, 201 of FIGS. 1 and/or 2 ) may receive identificationinformation. The identification information may be any kind ofinformation that may be used to determine an identity. For example, theidentification information may be one or more digital representations ofa biometric. In another example, the identification information may be alogin for an account. In still other implementations, the identificationinformation may be a combination of the two. Various configurations arepossible and contemplated without departing from the scope of thepresent disclosure. In some examples, the cached identificationinformation may be a portion of identification information maintainedand stored by an identity system device, such as a central identityinformation database. In such examples, the electronic device maygenerate the cached identification information by storing informationreceived from the identity system device.

At operation 320, the electronic device may compare the identificationinformation to cached identification information. For example, theelectronic device may determine whether or not there is a match betweenthe identification information and the cached identity information. Insome examples, the cached identity information may be a portion ofidentity information maintained and stored by an identity system device,such as a central identity information database. In such examples, theelectronic device may generate the cached identity information bystoring information received from the identity system device.

At operation 330, the electronic device may determine whether or not anidentity can be determined based on the comparison. If so, the flow mayproceed to operation 340. Otherwise, the flow may proceed to operation350 where the electronic device may determine that an error hasoccurred.

At operation 340, after the electronic device determines an identitybased on the comparison between the identification information to thecached identification information, the electronic device may use cachedidentity information associated with the identity. The electronic devicemay use the cached identity information to perform one or more actions.For example, the electronic device may obtain a name stored in thecached identity information, determine an entitlement indicated in thecached identity information, allow entrance based on an entitlementindicated in the cached identity information, update an entitlementindicated in the cached identity information based on an action that theelectronic device performs, verify an age indicated in the cachedidentity information, process a payment using financial information(such as a credit card, bank account number, rewards account, airlinemiles, a credit account created by the electronic device usinginformation stored in the cached identity information, and so on) storedin the cached identity information, and so on.

Although the example method 300 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, the method 300 is illustrated and described as theelectronic device determining an error occurs if an identity cannot bedetermined based on the comparison between the identificationinformation and cached identification information. However, it isunderstood that this is an example. In some implementations, theelectronic device may instead transmit the identification information toanother device to determine the identity if the electronic device cannotdetermine the identity based on the comparison. Various configurationsare possible and contemplated without departing from the scope of thepresent disclosure.

In various examples, this example method 300 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed within a cloud network and/or by one or more computingdevices, such as the local electronic device 101, 201 of FIGS. 1 and/or2 .

FIG. 4 depicts a flow chart illustrating an example method 400 for localcaching for performing identifications. This method 400 may be performedby the systems 100, 200 of FIGS. 1 and/or 2 .

At operation 410, an electronic device (such as the local electronicdevice 101, 201 of FIGS. 1 and/or 2 and/or the identity system device102, 202 of FIGS. 1 and/or 2 ) may determine parameters for identitiesto cache. Such parameters may be associated with the function of anelectronic device that will use the cache, the location of theelectronic device that will use the cache, a time period, and/or otherfactors. For example, when creating a cache for a security kiosk at anairport, the parameters may include a list of flight manifests for allpassengers with flights at that airport for the next day.

At operation 420, the electronic device may obtain identificationinformation and identity information based on the parameters. Forexample, the electronic device may obtain a portion of identificationinformation and identity information stored by an identity system deviceand/or a database maintained by the identity system device thatsatisfies the parameters.

At operation 430, the electronic device may cache the obtainedidentification information and identity information at an electronicdevice that will use the cache. For example, the electronic device maybe the electronic device that will use the cache. In such an example,the electronic device may obtain the identification information andidentity information and cache such. In another example, the electronicdevice may be the identity system device. In such an example, theidentity system device may obtain the identification information andidentity information and transmit such to the electronic device thatwill use the cache for performing identifications.

Although the example method 400 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, operation 420 is illustrated and described as obtaining theidentification information and identity information. However, in someimplementations, the electronic device performing the method 400 may bean identity system device that maintains the identification informationand identity information from which the identification information andidentity information corresponding to the parameters is derived. In suchan example, operation 420 may involve deriving the identificationinformation and identity information corresponding to the parametersfrom the larger body of the identification information and identityinformation stored and maintained by the identity system device. Variousconfigurations are possible and contemplated without departing from thescope of the present disclosure.

In various examples, this example method 400 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed within a cloud network and/or by one or more computingdevices, such as the local electronic device 101, 201 of FIGS. 1 and/or2 and/or the identity system device 102, 202 of FIGS. 1 and/or 2 .

In various implementations, an identification system that uses a localcache for performing identifications may include an identity systemdevice that stores identity information and biometric identificationinformation and an electronic device that includes a biometric readerdevice, a communication unit, a non-transitory storage medium thatstores instructions, and a processor. The processor may execute theinstructions to receive from the identity system device, using thecommunication unit, an identity information cache that constitutes aportion of the identity information from the identity system device;receive from the identity system device, using the communication unit, abiometric identification information cache that constitutes a part ofthe biometric identification information; obtain a digitalrepresentation of a biometric via the biometric reader device; determinean identity by comparing the digital representation of the biometric tothe biometric identification information cache; perform an action usinginformation in the identity information cache that is associated withthe identity; and transmit a notification to the identity system device,using the communication unit, to update based on the action a subset ofthe identity information associated with the identity.

In some examples, the identity system device may determine parametersfor identities to cache, select the portion of the identity informationand the part of the biometric identification information according tothe parameters, and transmit the portion of the identity information andthe part of the biometric identification information to the electronicdevice. In some such examples, the parameters may include a list ofticket holders or a flight manifest.

In various examples, the digital representation of the biometric may bea first digital representation of a first biometric, the identity may bea first identity, and the processor may obtain a second digitalrepresentation of a second biometric, determine the second digitalrepresentation of the second biometric does not have a match in thebiometric identification information cache, and determine a secondidentity by transmitting the second digital representation of the secondbiometric to the identity system device. In some such examples, theinformation may be first information and the processor may receivesecond information in the identity information that is associated withthe second identity from the identity system device.

In some examples, the processor may delete the digital representation ofthe biometric upon determining the identity. In various examples, acommunication link between the electronic device and the identity systemdevice may be unavailable while the processor determines the identity.

In some implementations, an electronic device may include a biometricreader device, a communication unit, a non-transitory storage mediumthat stores instructions, and a processor. The processor may execute theinstructions to cache identity information and biometric identificationinformation received, using the communication unit, from an identitysystem device of an identification system that uses a local cache forperforming identifications; obtain a digital representation of abiometric via the biometric reader device; determine an identity bycomparing the digital representation of the biometric to the biometricidentification information;

and perform an action using a portion of the identity information thatis associated with the identity.

In various examples, the action may include allowing access. In somesuch examples, the electronic device further may include an accesscontrol mechanism and the processor may allow the access by controllingthe access control mechanism.

In some examples, the identity information may include a verified age.In various examples, the identity information may include paymentinformation.

In various examples, the biometric reader device may include at leastone of a fingerprint scanner, an optical fingerprint scanner, aphosphorescent fingerprint scanner, a camera (and/or other 2D or 3Dimage capture device), an image sensor, a heart rhythm monitor or otherbiological sensor, or a microphone. In some examples, the digitalrepresentation of the biometric may include a digital representation ofat least one of a fingerprint, a voiceprint, a facial image, a retinaimage, an iris image, a heart rhythm or other biological information, ora gait.

In various implementations, an electronic device may include a biometricreader device, a communication unit, a non-transitory storage mediumthat stores instructions, and a processor. The processor may execute theinstructions to determine parameters for identities to cache; obtainidentity information and biometric identification information, using thecommunication unit, that correspond to the parameters from an identitysystem device of an identification system that uses a local cache forperforming identifications; store the identity information and thebiometric identification information in the non-transitory storagemedium; obtain a digital representation of a biometric via the biometricreader device; and determine an identity by comparing the digitalrepresentation of the biometric to the biometric identificationinformation.

In some examples, the processor may perform an action using informationin the identity information corresponding to the identity and delete theidentity information and the biometric identification information afterperforming the action. In some such examples, the action may includeallowing entrance based on a ticket and the processor may update astatus of the ticket in the identity information based on the entrance.

In various examples, the parameters may include permitted entrants. Insome examples, the electronic device may be a component of a vehicle. Invarious such examples, the parameters may include permitted vehicleoperators.

FIG. 5 depicts a third example identification system 500 that uses alocal cache for performing identifications. In this example, theidentification system 500 may be a ticket station 501 at a venue thatcontrols access based on whether or not a person 503 has a valid ticketfor entrance. The ticket station 501 may include a biometric readerdevice 513 and an access control mechanism 540. The ticket station 501may obtain a digital representation of a biometric using the biometricreader device 513, determine an identity by comparing the digitalrepresentation of the biometric to cached biometric identificationinformation, and allow access by controlling the access controlmechanism 540 if information in the cached identity informationassociated with the identity indicates that the person 503 has a validticket for entrance.

For example, the biometric reader device 513 is illustrated as a cameraand the access control mechanism 540 is illustrated as a gate arm. Thecamera may obtain an image of the person's face, determine an identityby comparing the image to cached facial images, and control the gate armto allow the person 503 inside if a valid ticket is associated with theidentity.

In some implementations, the ticket station 501 may update the cachedidentity information to reflect the updated status of the ticket afteruse. For example, if the ticket is a single entry ticket, the ticketstation 501 may change the status of the ticket to indicate that theticket has been used.

In various implementations, the ticket station 501 may transmit anotification to an identity system device that maintains the identityinformation from which the cached identity information was obtained toupdate the status of the ticket. Such a notification may be transmittedwhen the ticket status is changed and/or at various times. For example,the ticket station 501 may transmit notifications to updateperiodically, such as once per hour, once per day, and so on. By way ofanother example, the ticket station 501 may transmit notifications toupdate upon establishing a communication link to the identity systemdevice. Various configurations are possible and contemplated withoutdeparting from the scope of the present disclosure.

FIG. 6 depicts a flow chart illustrating a second example method 600 forusing a local cache to perform identifications. This method 600 may beperformed by the systems 200, 500 of FIGS. 2 and/or 5 .

At operation 610, an electronic device (such as the local electronicdevice 201 of FIG. 2 and/or the ticket station 501 of FIG. 5 ) mayobtain a digital representation of a biometric. The digitalrepresentation of the biometric may be a digital representation of afingerprint, a voiceprint, a facial image, a retina image, an irisimage, a gait, a heart rhythm or other biological information, and soon. The digital representation of the biometric may be obtained usingone or more biometric reader devices, such as a fingerprint scanner, anoptical fingerprint scanner, a phosphorescent fingerprint scanner, acamera, an image sensor, a microphone, a heart rhythm monitor or otherbiological sensor, and so on.

At operation 620, the electronic device may compare the digitalrepresentation of the biometric to cached biometric data. For example,the cached biometric data may be identification information stored bythe electronic device that corresponds to cached identity informationalso stored by the electronic device.

At operation 630, the electronic device may determine whether or not theelectronic device can determine an identity. The electronic device maydetermine whether or not it can determine an identity based on whetheror not the electronic device finds a match between the digitalrepresentation of the biometric and the cached biometric data, whetheror not the electronic device has cached identity information associatedwith the cached biometric data that matches the digital representationof the biometric, and so on. If so, the flow proceeds to operation 640.Otherwise, the flow proceeds to operation 670 where the electronicdevice may determine an error has occurred.

At operation 640, after the electronic device determines the identity,the electronic device may determine whether or not the identityinformation indicates that a valid ticket is associated with theidentity. If so, the flow may proceed to operation 650. Otherwise, theflow may proceed to operation 670 where the electronic device maydetermine an error has occurred.

At operation 650, after the electronic device determines that a validticket is associated with the identity, the electronic device may allowaccess. The electronic device may allow access by controlling an accesscontrol mechanism, such as a gate arm, a door, a turnstile, and/or anyother device operable to control access.

At operation 660, the electronic device may update the ticket status.For example, the electronic device may update the cached identityinformation and/or transmit a notification to an identity system deviceindicating that the ticket has been used. The update may also involveother information, such as a location where the ticket was used, aperson who used the ticket, and/or other such information.

Although the example method 600 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, the method 600 is illustrated and described as allowingaccess or not based on whether or not valid ticket information isindicated in cached identity information. However, it is understood thatthis is an example. In some implementations, a rewards account may beindicated in the cached identity information that entitles the person toa free or discounted product or service based on use of the ticket. Insuch implementations, the electronic device may automatically dispensethe good or service, provide a voucher for the good or service, transmita notification regarding the good or service (such as to a device thatprovides the good or service, to a mobile computing device carried bythe person, and so on).

In various implementations, the cached identity information may indicatethat the person has the option to upgrade to a higher ticket level (suchas a box seat when the valid ticket was for general admission and so on)and the electronic device may prompt the person and/or transmit anotification regarding the option to upgrade. In some examples of suchimplementations, the cached identity information may indicate that theperson has configured default options in such a case and does not wantto be bothered by upsells. In such an example, the electronic device mayperform the upgrade and/or transmit notifications to accomplish theupgrade automatically according to the default options indicated in thecached identity information. Various configurations are possible andcontemplated without departing from the scope of the present disclosure.

In various examples, this example method 600 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed within a cloud network and/or by one or more computingdevices, such as the local electronic device 201 of FIG. 2 and/or theticket station 501 of FIG. 5 .

FIG. 7 depicts a fourth example identification system 700 that uses alocal cache for performing identifications. In this example, theidentification system 700 may be an automated controlled access building701. The automated controlled access building 701 may include abiometric reader device 713 and an access control mechanism 740. Theautomated controlled access building 701 may obtain a digitalrepresentation of a biometric using the biometric reader device 713,determine an identity by comparing the digital representation of thebiometric to cached biometric identification information, and allowaccess by controlling the access control mechanism 740 if information incached identity information associated with the identity indicates thatthe person 703 has permission to enter the automated controlled accessbuilding 701.

For example, the biometric reader device 713 is illustrated as afingerprint scanner and the access control mechanism 740 is illustratedas an automated door. The fingerprint scanner may obtain an image of theperson's fingerprint, determine an identity by comparing the image tocached fingerprint images, and control the automated door to allow theperson 703 inside if the person 703 has permission to enter theautomated controlled access building 701.

FIG. 8 depicts a flow chart illustrating a third example method 800 forusing a local cache to perform identifications. This method 800 may beperformed by the systems 200, 700 of FIGS. 2 and/or 7 .

At operation 810, an electronic device (such as the local electronicdevice 201 of FIG. 2 and/or the automated controlled access building 701of FIG. 7 ) may obtain a fingerprint. At operation 820, the electronicdevice may compare the fingerprint to stored fingerprint data that isassociated with stored identity information. At operation 830, theelectronic device may determine whether or not an identity can bedetermined by matching the fingerprint to stored (or cached) fingerprintdata that is associated with stored (or cached) identity information. Ifso, the flow may proceed to operation 840. Otherwise, the flow proceedsto operation 870.

At operation 840, after the electronic device determines the identity,the electronic device may determine whether or not stored identityinformation associated with the identity indicates to allow access. Ifso, the flow may proceed to operation 850. Otherwise, the flow mayproceed to operation 890 where the electronic device determines that anerror has occurred.

At operation 850, after the electronic device determines that storedidentity information associated with the identity indicates to allowaccess, the electronic device may allow access. Allowing access mayinclude controlling an access control mechanism. The flow may then mayproceed to operation 860 where the electronic device may delete thefingerprint.

At operation 870, after the electronic device determines that theidentity cannot be determined by matching the fingerprint to storedfingerprint data, the electronic device may contact a main gallery. Themain gallery may be fingerprint data and identity information stored andmaintained by an identity system device from which the storedfingerprint data and stored identity information were derived.Contacting the main gallery may include transmitting a digitalrepresentation of the fingerprint, such as a hash or otherrepresentation. The flow may then proceed to operation 880 where theelectronic device determines whether or not a match is received from themain gallery. In the case of a match, the electronic device may receivean identity from the main gallery, identity information associated withthe identity, and so on. If so, the flow may proceed to operation 840.Otherwise, the flow proceeds to operation 890 where the electronicdevice may determine that an error has occurred.

Although the example method 800 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, operation 860 is illustrated and described as deleting thefingerprint. This may protect the privacy of the fingerprint by notstoring the fingerprint once the electronic device no longer needs thefingerprint. This may also reduce electronic device storagerequirements. However, it is understood that this is an example. Inother implementations, the electronic device may delete, erase, orotherwise flush a variety of other data as well (such as a portion ofthe stored fingerprint data and/or the stored identity information thatcorresponds to the fingerprint, data related to whether or not accesswas allowed, and so on). Various configurations are possible andcontemplated without departing from the scope of the present disclosure.

In various examples, this example method 800 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed within a cloud network and/or by one or more computingdevices, such as the local electronic device 201 of FIG. 2 and/or theautomated controlled access building 701 of FIG. 7 .

FIG. 9 depicts a fifth example identification system 900 that uses alocal cache for performing identifications. In this example, theidentification system 900 may be an individual point of sale device 901on an airplane. The individual point of sale device 901 may include abiometric reader device 913. A person 903 may use the individual pointof sale device 901 to request goods and/or services, such as analcoholic beverage. The individual point of sale device 901 may obtain adigital representation of a biometric using the biometric reader device913, determine an identity by comparing the digital representation ofthe biometric to cached biometric identification information, andarrange for a request to be fulfilled or denied based on information incached identity information associated with the identity.

For example, the individual point of sale device 901 may cache identityinformation and biometric identification information for all of thepassengers on a plane's flight manifest. As everyone on a plane shouldbe on the plane's flight manifest, the individual point of sale device901 may be able to minimize the amount of identity information andbiometric identification information to be cached in order to operate.

The individual point of sale device 901 may then receive a request foran alcoholic beverage from the person 903, use the biometric readerdevice 913 (shown as a camera that obtains a facial image, an irisimage, a retina image, and so on) to obtain a digital representation ofa biometric, identify the person 903, determine a verified age for theperson from the cached identity information associated with the person'sidentity, and arrange for the request to be fulfilled (such as bysignaling cabin crew to fulfill the request, dispensing the alcoholicbeverage, and so on) if the person's verified age meets a legalthreshold (such as twenty one years of age, eighteen years of age, andso on) for the consumption of alcoholic beverages. The individual pointof sale device 901 may also determine payment information associatedwith the person's identity and process payment using the paymentinformation. This may enable the individual point of sale device 901 toverify age and/or payment for requested alcoholic beverages during aflight even if the individual point of sale device 901 cannot currentlycommunicate with a central database storing age and/or paymentinformation.

By way of another example, one or more electronic devices on an aircraftor at another location may cache identification information and/oridentity information for one or more pilots and/or other staff scheduledto use and/or work on the aircraft. Should a person report as staffwhose identification information and/or identity information is notcached, additional security procedures may be performed to ensure theperson is validly assigned to use and/or work on the aircraft. Variousconfigurations are possible and contemplated without departing from thescope of the present disclosure.

FIG. 10 depicts a flow chart illustrating a fourth example method 1000for using a local cache to perform identifications. This method 1000 maybe performed by the systems 200, 900 of FIGS. 2 and/or 9 .

At operation 1010, an electronic device (such as the local electronicdevice 201 of FIG. 2 and/or the individual point of sale device 901 ofFIG. 9 ) may cache biometric data and identity information for apassenger list of a flight. The flow may then proceed to operation 1020where the electronic device may determine whether or not a digitalrepresentation of a biometric is received. If not, the flow may returnto operation 1020 where the electronic device again determines whetheror not a digital representation of a biometric is received. Otherwise,the flow may proceed to operation 1030.

At operation 1030, the electronic device may use the digitalrepresentation of the biometric to determine an identity. The flow maythen proceed to operation 1040 where the electronic device determineswhether or not information in the cached identity information associatedwith the identity indicates that the transaction is allowed (such aswhether or not the cached identity information indicates that a verifiedage of the person meets or exceeds a threshold age for the transaction,whether or not payment information is available to use for thetransaction, and so on). If not, the flow may proceed to operation 1080where the electronic device determines that an error has occurred.Otherwise, the flow may proceed to operation 1050.

At operation 1050, the electronic device may determine to allow thetransaction. The flow may then proceed to operation 1060 where theelectronic device may process payment for the transaction. Next, theflow may proceed to operation 1070 where the electronic device maydelete all of the biometric data and the identity information after theflight is complete.

Although the example method 1000 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, the method 1000 is illustrated and described in the contextof a flight. However, it is understood that this is an example. Invarious implementations, the method 1000 may be used in other contexts,such as a train trip, a bus ride, an assigned seat at an event venue,and so on. Various configurations are possible and contemplated withoutdeparting from the scope of the present disclosure.

By way of another example, the method 1000 is illustrated and describedas both determining whether or not the transaction is allowed andprocessing payment. However, it is understood that this is an example.In various implementations, one or more of these features may beperformed without performing the other. Various configurations arepossible and contemplated without departing from the scope of thepresent disclosure.

In various examples, this example method 1000 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed within a cloud network and/or by one or more computingdevices, such as the local electronic device 201 of FIG. 2 and/or theindividual point of sale device 901 of FIG. 9 .

FIG. 11 depicts a sixth example identification system 1100 that uses alocal cache for performing identifications. In this example, theidentification system 1100 may be a security screening device 1101 at anairport. The security screening device 1101 may cache biometricidentification information and identity information for all of thepeople who have flights scheduled for a period of time, such as twodays, from an airport where the screening device is located. In someimplementations, the people who have flights scheduled for the timeperiod may be determined using one or more flight manifests.

The security screening device 1101 may include a biometric reader device1113 that the security screening device 1101 may use to obtain a digitalrepresentation of a biometric from a person 1103. The security screeningdevice 1101 may determine an identity by comparing the digitalrepresentation of the biometric to cached biometric identificationinformation and allow access if information in cached identityinformation associated with the identity indicates that the person 1103has a ticket for a flight from the airport during the time period.

In some implementations, the security screening device 1101 may deletethe digital representation of the biometric and/or the correspondingcached biometric identification information and/or identity informationafter the person 1103 is allowed access. This may minimize storagerequirements for the security screening device 1101 as the person hasalready been allowed access.

In some situations, the person 1103 may exit after having passed thesecurity screening device 1101 prior to their flight and attempt toreenter. In such an example, as the security screening device 1101 mayhave already deleted the biometric identification information and/oridentity information corresponding to the person 1103, the securityscreening device 1101 may fail to identify the person 1103 using thecached biometric identification information and/or identity information.In such a situation, the security screening device 1101 may communicatewith an identity system device from which the biometric identificationinformation and/or identity information was originally cached toidentify the person. Various configurations are possible andcontemplated without departing from the scope of the present disclosure.

In another example, the security screening device 1101 may cache aportion of one or more third party databases and/or other electronicdevices that relate to security screening. For example, the securityscreening device 1101 may cache a portion of a federal no fly databaseand/or other blacklist, criminal watch list, and so on. In someimplementations, the security screening device 1101 may cache theportion of such a third party database and/or other electronic deviceassociated with all of the people who have flights scheduled for aperiod of time. In this way, the security screening device 1101 may beable to use the information from the third party database and/or otherelectronic device without actually currently communicating with thethird party database and/or other electronic device. Variousconfigurations are possible and contemplated without departing from thescope of the present disclosure.

FIG. 12 depicts a flow chart illustrating a fifth example method 1200for using a local cache to perform identifications. This method 1200 maybe performed by the systems 200, 1100 of FIGS. 2 and/or 11 .

At operation 1210, an electronic device (such as the local electronicdevice 201 of FIG. 2 and/or the security screening device 1101 of FIG.11 ) may cache biometric data and identity information based on one ormore flight manifests. For example, biometric data and identityinformation for people who have flights from a particular airport withina particular time period may be cached using one or more flightmanifests.

At operation 1220, the electronic device may determine whether or not adigital representation of a biometric is received. If not, the flow mayreturn to operation 1220 where the electronic device may again determinewhether or not a digital representation of a biometric is received.Otherwise, the flow may proceed to operation 1230.

At operation 1230, the electronic device may determine whether or notthere is a match between the digital representation of the biometric andcached biometric data and identity information. If not, the flow mayproceed to operation 1260 where the electronic device may determine thatan error has occurred. Otherwise the flow may proceed to operation 1240.

At operation 1240, the electronic device may allow access. The flow maythen proceed to operation 1250 where the electronic device may deletethe digital representation of the biometric and the corresponding cachedbiometric data and the identity information.

Although the example method 1200 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, operation 1250 illustrates and describes the electronicdevice deleting the digital representation of the biometric and thecorresponding cached biometric data and the identity information.However, it is understood that this is an example. In someimplementations, the electronic device may omit deleting one or more ofthe digital representation of the biometric, the corresponding cachedbiometric data, and/or the corresponding identity information. Variousconfigurations are possible and contemplated without departing from thescope of the present disclosure.

In various examples, this example method 1200 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed within a cloud network and/or by one or more computingdevices, such as the local electronic device 201 of FIG. 2 and/or thesecurity screening device 1101 of FIG. 11 .

FIG. 13 depicts a seventh example identification system 1300 that uses alocal cache for performing identifications. In this example, theidentification system 1300 may be a vehicle 1301. The vehicle 1301 mayinclude a biometric reader device 1313, which is illustrated as amicrophone that obtains a voiceprint for a person 1303. The vehicle 1301may obtain the voiceprint (and/or another digital representation of abiometric) using the biometric reader device 1313 (and/or otherbiometric reader device), determine an identity by comparing the voiceprint to cached biometric identification information, and allowoperation of the vehicle 1301 if the person 1303 has permission tooperate the vehicle 1301 as specified in identity information cached bythe vehicle 1301.

In various implementations, a group of people may have one or more setsof permissions with respect to operating the vehicle 1301. In suchimplementations, the vehicle 1301 may cache biometric identificationinformation and identity information for each of the group of people.

In some implementations, the identity information may specify one ormore configuration options for the vehicle 1301 for the person 1303. Forexample, such configuration options may include a seat position, vehicletemperature, entertainment system settings, control settings, timeand/or location of permitted operation, and so on. In suchimplementations, the vehicle 1301 may control one or more componentsaccording to the configuration options upon determining the identity.

FIG. 14 depicts a flow chart illustrating a sixth example method 1400for using a local cache to perform identifications. This method 1400 maybe performed by the systems 200, 1300 of FIGS. 2 and/or 13 .

At operation 1401, an electronic device (such as the local electronicdevice 201 of FIG. 2 and/or the vehicle 1301 of FIG. 13 ) operates. Theflow may proceed to operation 1402 where the electronic devicedetermines whether or not a digital representation of a biometric isreceived. If not, the flow may proceed to operation 1401 where theelectronic device continues to operate. Otherwise, the flow may proceedto operation 1403.

At operation 1403, the electronic device may determine whether or notthe digital representation of the biometric matches cached biometricidentification information. If so, the flow may proceed to operation1404. Otherwise, the flow may proceed to operation 1409.

At operation 1404, after the electronic device determines that thedigital representation of the biometric matches the cached biometricidentification information, the electronic device may determine whetheror not cached identity information associated with the matched cachedbiometric identification information indicates that use is authorized.If not, the flow may proceed to operation 1412 where the electronicdevice may determine that an error has occurred. Otherwise, the flow mayproceed to operation 1405.

At operation 1405, the electronic device may allow use of the electronicdevice. The flow may then proceed to operation 1406 where the electronicdevice may determine whether or not use is finished. If so, the flow mayreturn to operation 1401 where the electronic device continues tooperate. Otherwise, the flow may proceed to operation 1407.

At operation 1407, the electronic device may determine whether or not toupdate identity information based on the use. In some implementations,the electronic device may update identity information when the usemodifies the identity information. For example, the identity informationmay indicate that use of the electronic device is authorized when aperson has not previously misused the electronic device (such as wherethe electronic device is a vehicle and misuse of the vehicle involvesdriving outside speed limits, not obeying traffic signals, strikingother vehicles, and so on). As such, if the use of the electronic deviceconstitutes misuse, the electronic device may update the identityinformation to indicate that use is no longer authorized. If theelectronic device determines to update the identity information, theflow may proceed to operation 1408 where the electronic device mayupdate the identity information before the flow returns to operation1405. Otherwise, the flow may proceed directly to operation 1405.

At operation 1409, after the electronic device determines that thedigital representation of the biometric does not match the cachedbiometric identification information, the electronic device may obtainidentity information associated with digital representation of thebiometric. The electronic device may obtain the identity information bycommunicating with an identity service device. The flow may then proceedto operation 1410 where the electronic device determines whether or notto cache the identity information and/or the digital representation ofthe biometric. For example, the electronic device may determine to cachethe identity information and/or the digital representation of thebiometric when the identity information indicates that the digitalrepresentation of the biometric is associated with a person who is apermitted user of the electronic device. If so, the flow may proceed tooperation 1411 where the electronic device may cache the identityinformation and/or the digital representation of the biometric beforethe flow proceeds to operation 1404. Otherwise, the flow may proceeddirectly to operation 1404.

Although the example method 1400 is illustrated and described asincluding particular operations performed in a particular order, it isunderstood that this is an example. In various implementations, variousorders of the same, similar, and/or different operations may beperformed without departing from the scope of the present disclosure.

For example, the method 1400 is illustrated and described as continuingto allow use after updating the identity information based on the use ofthe electronic device. However, in some implementations, updating theidentity information based on use of the electronic device may removeauthorization to use the electronic device. In such an example, theelectronic device may instead cease allowing operation. Variousconfigurations are possible and contemplated without departing from thescope of the present disclosure.

In various examples, this example method 1400 may be implemented as agroup of interrelated software modules or components that performvarious functions discussed herein. These software modules or componentsmay be executed within a cloud network and/or by one or more computingdevices, such as the local electronic device 201 of FIG. 2 and/or thevehicle 1301 of FIG. 13 .

Although the present disclosure is illustrated and described in thecontext of caching information from a central system at local electronicdevices and updating the central system for actions performed by thelocal electronic devices, it is understood that this is an example. Insome implementations, the central system may include a number ofelectronic devices that operate in a cooperative computing arrangementto centrally store information. In such implementations, one or moredevices in the central system may receive updates from the localelectronic devices and subsequently use the techniques disclosed hereinto provide those updates to other devices in the central system, such asexamples where devices are located in each time zone and communicateupdates received from local electronic devices to devices in an adjacenttime zone upon the occurrence of various conditions, such as hourly.Various configurations are possible and contemplated without departingfrom the scope of the present disclosure.

Although the above illustrates and describes a number of embodiments, itis understood that these are examples. In various implementations,various techniques of individual embodiments may be combined withoutdeparting from the scope of the present disclosure.

As described above and illustrated in the accompanying figures, thepresent disclosure relates to an identification system that uses a localcache for performing identifications. An identity system device maystore identity information and identification information. One or moreelectronic devices may store a cache of a portion of the identityinformation and a part of the identification information. Such anelectronic device may allow controlled access to the cached identityinformation using the cached identification information. For example,the cached identification information may include cached biometricidentification information. The electronic device may receive userinput, determine an identity by comparing the user input to the cachedidentification information, and perform an action using information inthe cached identity information that is associated with the identity. Inthis way, the electronic device performs identifications locally withoutrequiring communication with the identity system device but also usesthe identity system device to centrally store and maintain the identityinformation and the identification information that is used to protectthe identity information.

The present disclosure recognizes that biometric and/or other personaldata is owned by the person from whom such biometric and/or otherpersonal data is derived. This data can be used to the benefit of thosepeople. For example, biometric data may be used to conveniently andreliably identify and/or authenticate the identity of people, accesssecurely stored financial and/or other information associated with thebiometric data, and so on. This may allow people to avoid repeatedlyproviding physical identification and/or other information.

The present disclosure further recognizes that the entities who collect,analyze, store, and/or otherwise use such biometric and/or otherpersonal data should comply with well-established privacy policiesand/or privacy practices. Particularly, such entities should implementand consistently use privacy policies and practices that are generallyrecognized as meeting or exceeding industry or governmental requirementsfor maintaining security and privately maintaining biometric and/orother personal data, including the use of encryption and securitymethods that meets or exceeds industry or government standards. Forexample, biometric and/or other personal data should be collected forlegitimate and reasonable uses and not shared or sold outside of thoselegitimate uses. Further, such collection should occur only afterreceiving the informed consent. Additionally, such entities should takeany needed steps for safeguarding and securing access to such biometricand/or other personal data and ensuring that others with access to thebiometric and/or other personal data adhere to the same privacy policiesand practices. Further, such entities should certify their adherence towidely accepted privacy policies and practices by subjecting themselvesto appropriate third party evaluation.

Additionally, the present disclosure recognizes that people may blockthe use of, storage of, and/or access to biometric and/or other personaldata. Entities who typically collect, analyze, store, and/or otherwiseuse such biometric and/or other personal data should implement andconsistently prevent any collection, analysis, storage, and/or other useof any biometric and/or other personal data blocked by the person fromwhom such biometric and/or other personal data is derived.

In the present disclosure, the methods disclosed may be implemented assets of instructions or software readable by a device. Further, it isunderstood that the specific order or hierarchy of steps in the methodsdisclosed are examples of sample approaches. In other embodiments, thespecific order or hierarchy of steps in the method can be rearrangedwhile remaining within the disclosed subject matter. The accompanyingmethod claims present elements of the various steps in a sample order,and are not necessarily meant to be limited to the specific order orhierarchy presented.

The described disclosure may be provided as a computer program product,or software, that may include a non-transitory machine-readable mediumhaving stored thereon instructions, which may be used to program acomputer system (or other electronic devices) to perform a processaccording to the present disclosure. A non-transitory machine-readablemedium includes any mechanism for storing information in a form (e.g.,software, processing application) readable by a machine (e.g., acomputer). The non-transitory machine-readable medium may take the formof, but is not limited to, a magnetic storage medium (e.g., floppydiskette, video cassette, and so on); optical storage medium (e.g.,CD-ROM); magneto-optical storage medium; read only memory (ROM); randomaccess memory (RAM); erasable programmable memory (e.g., EPROM andEEPROM); flash memory; and so on.

The foregoing description, for purposes of explanation, used specificnomenclature to provide a thorough understanding of the describedembodiments. However, it will be apparent to one skilled in the art thatthe specific details are not required in order to practice the describedembodiments. Thus, the foregoing descriptions of the specificembodiments described herein are presented for purposes of illustrationand description. They are not targeted to be exhaustive or to limit theembodiments to the precise forms disclosed. It will be apparent to oneof ordinary skill in the art that many modifications and variations arepossible in view of the above teachings.

What is claimed is:
 1. A system, comprising: an identity system devicethat stores identity information and biometric information for multiplepeople; and a local electronic device that: stores at least a portion ofthe biometric information in a local cache; obtains a digitalrepresentation of a biometric; attempts to determine an identity bycomparing the digital representation of the biometric to the localcache; upon failure to determine the identity by comparing the digitalrepresentation of the biometric to the local cache, attempts todetermine the identity by comparing the digital representation of thebiometric to the biometric information; and deletes a portion of thelocal cache corresponding to the digital representation of thebiometric.
 2. The system of claim 1, wherein the local electronic devicedeletes the portion of the local cache after a period of time.
 3. Thesystem of claim 1, wherein the local electronic device deletes theportion of the local cache after performing an action.
 4. The system ofclaim 1, wherein the digital representation of the biometric correspondsto at least a portion of a face of a person.
 5. The system of claim 1,wherein the local electronic device submits a request to the identitysystem device.
 6. The system of claim 5, wherein the request relates toat least to the digital representation of the biometric.
 7. The systemof claim 1, wherein the local electronic device determines whether toallow access based on the identity.
 8. A system, comprising: anon-transitory storage medium that stores instructions; and a processorthat executes the instructions to: store, in a local cache, at least aportion of biometric information that is stored by an identity systemthat stores identity information; obtain a digital representation of abiometric; attempt to determine an identity by comparing the digitalrepresentation of the biometric to the local cache; upon failure todetermine the identity by comparing the digital representation of thebiometric to the local cache, attempt to determine the identity bycomparing the digital representation of the biometric to the biometricinformation; and delete a portion of the local cache that corresponds tothe digital representation of the biometric.
 9. The system of claim 8,further comprising an access control mechanism wherein the processor isoperable to allow access by signaling the access control mechanism. 10.The system of claim 8, wherein the processor is operable to receive anage corresponding to the identity from the identity system.
 11. Thesystem of claim 8, wherein the processor is operable to receivefinancial information corresponding to the identity from the identitysystem.
 12. The system of claim 8, wherein the processor receives theportion of the biometric information from the identity system.
 13. Thesystem of claim 12, wherein the portion of the biometric information isdetermined according to a set of parameters.
 14. The system of claim 8,further comprising a biometric reader device communicably coupled to theprocessor.
 15. A method, comprising: attempting to determine identitiesby comparing digital representations of biometrics to a local cache;upon failure to determine the identities by comparing the digitalrepresentations of the biometrics to the local cache, attempting todetermine the identities by comparing the digital representations of thebiometrics to biometric information stored by an identity system; anddeleting a portion of the local cache.
 16. The method of claim 15,further comprising determining whether to omit deleting the portion ofthe local cache.
 17. The method of claim 15, wherein the identity systemstores identity information associated with the biometric information.18. The method of claim 17, further comprising storing at least aportion of the identity information in the local cache.
 19. The methodof claim 18, further comprising deleting at least a part of the at leastthe portion of the identity information from the local cache.
 20. Themethod of claim 15, wherein comparing the digital representations of thebiometrics to biometric information stored by the identity systemcomprises transmitting data to the identity system.